Accepting Credit Cards for Payment

Introduction

Accepting credit cards as a form of payment provides a service for customers giving them a convenient method to pay for goods and services on campus. Departments accepting credit cards as a form of payment should be familiar with the risks, fees, and security requirements involved with being a credit card merchant.  This web page is designed to give departments an overview of credit card acceptance and processing. 

Abbreviations

Details are coming soon.  Please contact the Campus Credit Card Coordinator for additional information.

Roles

Details are coming soon.  Please contact the Campus Credit Card Coordinator for additional information.

Payment Card Industry Data Security Standards (PCI DSS)

Overview

In light of growing consumer concerns over the compromise of credit card data, the four major credit card associations joined forces to establish a security program for merchants called the Payment Card Industry Data Security Standards (PCI DSS).  The PCI Security Standards Council (PCI Co) was later formed to work with credit card associations as an advisory group to manage the PCI standards.

Credit card information must be handled in a secure manner, as a breach of credit card information has significant consequences.  All campus merchants are required to comply with the PCI DSS as determined by the Campus Credit Card Coordinator.  Non compliance could result in our merchant bank assessing significant fines, suspending campus ability to process credit cards, and/or requiring on site credit card audits.

Campus departments may not store credit card numbers in any electronic format unless official approval from the Controller’s Office has been obtained.

PCI DSS Compliance Validation

Campus merchants must validate their PCI DSS compliance by registering with the University’s system-wide vendor, AmbironTrustWave (ATW).  Through ATW’s online portal tool, trustkeeper.net, merchants complete an annual self assessment questionnaire and register for monthly security scans, if applicable.  All Third Party Service Providers used for credit card processing on behalf of a campus department must also be in compliance with PCI DSS.

The ‘PCI Self Assessment Questionnaire’ is validated annually via trustkeeper.net and covers topics such as:

  • Building and maintaining a secure network
  • Protecting cardholder data
  • Maintaining a vulnerability management program
  • Implementing strong access control measures
  • Monitoring and testing networks
  • Maintaining an information security policy

The questionnaire is subject to change as needed by the PCI Co.

Along with the annual questionnaire, all campus websites and IP addresses touching credit card data are required to be registered with trustkeeper.net in order to perform monthly network and perimeter security scans.

All Third Party Service Providers handling credit card data on behalf of a campus merchant must provide adequate documentation to the Campus Credit Card Coordinator that their process is in compliance with the PCI DSS.  They must also be contractually obligated with the campus to comply with the PCI DSS program on an ongoing basis.  Departments should consult with the Campus Credit Card Coordinator before making commitments or purchases with any Third Party Service Provider to avoid delays in credit card acceptance and processing.

For additional information on this topic, please refer to the ‘Resources’ section on this page.

Transaction Processing Overview

Details are coming soon.  Please contact the Campus Credit Card Coordinator for additional information.

Transaction Types

Details are coming soon.  Please contact the Campus Credit Card Coordinator for additional information.

Acceptance Rules

Details are coming soon.  Please contact the Campus Credit Card Coordinator for additional information.

Processing Guidelines

Details are coming soon.  Please contact the Campus Credit Card Coordinator for additional information.

Acceptance Options and Costs

Details are coming soon.  Please contact the Campus Credit Card Coordinator for additional information.

Processing Fees

Details are coming soon.  Please contact the Campus Credit Card Coordinator for additional information.

Department Responsibilities

Details are coming soon.  Please contact the Campus Credit Card Coordinator for additional information.

Retrieval Request

Details are coming soon.  Please contact the Campus Credit Card Coordinator for additional information.

Chargebacks

Details are coming soon.  Please contact the Campus Credit Card Coordinator for additional information.

Establishing a Merchant Account

Details are coming soon.  Please contact the Campus Credit Card Coordinator for additional information.

Resources

Campus Resources

UCOP Banking Services

http://www.ucop.edu/finmgt/banking/policies.html

Chase Paymentech Solutions (CPS)/First Data Merchant Services (FDMS)

www.paymentech.com/solmershpcen.do
Customer Service: 1-800-326-7991
Terminal Support: 1-800-346-3315
Voice Authorization: 1-800-843-3812
Media Retrieval Unit: 1-800-896-7161
CPS Customer Service Associate: Delrene Smith
--Phone: 1-800-326-7991 ext. 5412
--Fax: 954-375-6704
--Delrene.Smith@ChasePaymentech.com

Credit Card Associations Payment Card Industry Security Standards (PCI DSS)

This page last updated on April 11, 2008